Check whether the two network devices are attached properly.
Follow these steps to configure a Linux machine (CentOS, Fedora) as a gateway.
i) Check that the devices eth0 and eth1 are available on the machine by running this command:
[root@Xhost ]# ifconfig
It will display the details (IP, MAC, etc.) of the two network cards, eth0 and eth1.
ii) Configure eth0 with the public network IP address. (/etc/sysconfig/network-scripts/ifcfg-eth0)
# cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
IPADDR=xx.xx.xx.xx # IP ADDRESS of Public Network
NETMASK=255.255.255.0 # Provided by the ISP
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=xx.xx.xx.1 # Provided by the ISP
iii) Configure eth1 with the private network IP address. (/etc/sysconfig/network-scripts/ifcfg-eth1)
# cat ifcfg-eth1
BOOTPROTO=none
TYPE=Ethernet
DEVICE=eth1
NETMASK=255.255.0.0 # Specify based on your requirement
IPADDR=192.168.0.1 # Gateway of the LAN
NETWORK=192.168.0.0 # Optional
USERCTL=no
IPV6INIT=no
PEERDNS=yes
ONBOOT=yes
iv) Check eth0 and eth1 separately, like this.
[root@Xhost ]# service network restart
:
:
[root@Xhost ]# ifconfig eth1 down
[root@Xhost ]# ping xx.xx.xx.xx # Ping any public ip
:
:
If the ping succeeds, eth0 is working; otherwise check the configuration of eth0 (eth1 is down during this test, so only eth0 is exercised).
Similarly for eth1:
[root@Xhost ]# service network restart
:
:
[root@Xhost ]# ifconfig eth0 down
[root@Xhost ]# ping 192.168.0.xx # Ping any private ip
:
:
If both tests work, continue with the fifth step.
V) Host Configuration (Optional)
# cat /etc/hosts
127.0.0.1 nat localhost.localdomain localhost
vi) Gateway Configuration
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nat
GATEWAY=xx.xx.xx.1 # Internet Gateway, provided by the ISP
Vii) DNS Configuration
# cat /etc/resolv.conf
nameserver xx.xx.xx.xx # Primary DNS Server provided by ISP
nameserver xx.xx.xx.xx # Secondary DNS Server provided by ISP
viii) NAT with iptables:
[root@Xhost ]# iptables -F # Flush iptables
[root@Xhost ]# iptables -t nat -F # Flush nat table
[root@Xhost ]# iptables -t mangle -F # Flush mangle table
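Set up the NAT and forwarding rules in iptables. MASQUERADE is only valid in the POSTROUTING chain of the nat table (PREROUTING does not accept -o), and the filter chain for routed traffic is named FORWARD.
[root@Xhost ]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[root@Xhost ]# iptables -A FORWARD -i eth1 -j ACCEPT
Note: this rule only accepts traffic arriving from the LAN side on eth1. Replies coming back in on eth0 are forwarded only while the FORWARD policy is ACCEPT, which also lets new connections from the public side be routed towards the LAN. On a gateway it is safer to set the FORWARD policy to DROP and accept eth0-to-eth1 traffic only for ESTABLISHED,RELATED connections.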
ix) Enabling kernel IP forwarding
Check whether kernel IP forwarding is enabled:
[root@Xhost ]# sysctl -a | grep net.ipv4.ip_forward
net.ipv4.ip_forward = 0
If the value is 0, set it to 1 with:
[root@Xhost ]# echo 1 > /proc/sys/net/ipv4/ip_forward
Then edit /etc/sysctl.conf to make the change permanent:
[root@Xhost ]#vi /etc/sysctl.conf
net.ipv4.ip_forward=1 # modify this 0 to 1
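x) Apply configurations
Note: `service iptables restart` reloads the saved rule set from /etc/sysconfig/iptables, so save the rules added in step viii first (`service iptables save`); otherwise the restart discards them.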
[root@Xhost ]# service iptables restart
[root@Xhost ]# chkconfig --list iptables # on 3,5 runlevel
The gateway is now set up.
Next, test the gateway from any client system on the private network.
Log in to the client system and run:
ping 192.168.0.1;
ping xx.xx.xx.xx # Any public IP